<?php
namespace app\common\controller;
use app\common\model\AuthGroup;
use app\common\model\AuthRule;
use app\common\controller\All;
class User extends All{
	protected $userinfo;
    public function _initialize() {
		parent::_initialize();
		config('auth_config',['auth_user'=>'user']);
		$path = config('template.view_path', ROOT_PATH . 'tpl' . DS . 'user' . DS) . $GLOBALS['config']['site']['user_theme'] . DS;
        $this->view->config('view_path', $path);
		$this->Lable_Style();
		$this->param = $this->request->param();
		//检查登录状态
		if(!is_login() and !in_array($GLOBALS['route'], array('user/home/index','user/center/getplaylog','user/center/addplaylog','user/center/flushinfo')) and !in_array(strtolower($this->request->module().'/'.$this->request->controller()), array('user/reg','user/login','user/home','user/snslogin'))){
		  return $this->redirect(zanpian_user_url('user/login/index'));
		}
			    // 检测系统权限
				$access = $this->accessControl();
				if (false === $access) {
					$this->error('403:禁止访问');
				} elseif (null === $access) {
					$dynamic = $this->checkDynamic(); //检测分类栏目有关的各项动态权限
					if ($dynamic === null) {
						print_r(config('video'));
						if (!$this->checkRule($this->url.','.$this->model, array('in', '1,2'))) {
							$this->error('未授权访问!');
						} else {
							// 检测分类及内容有关的各项动态权限
							$dynamic = $this->checkDynamic();
							if (false === $dynamic) {
								$this->error('未授权访问!');
							}
						}
					} elseif ($dynamic === false) {
						$this->error('未授权访问!');
					}
				}
		
		$this->check_member();
	}
	protected function checkDynamic() {
		if (IS_ROOT) {
			return true; //管理员允许访问任何页面
		}
		return null; //不明,需checkRule
	}
	final protected function checkRule($rule, $type = AuthRule::rule_url, $mode = 'url') {
		static $Auth = null;
		if (!$Auth) {
			$Auth = new \com\Auth();
		}
		if (!$Auth->check($rule, session('user_auth.user_id'), $type, $mode)) {
			return false;
		}
		return true;
	}	
	final protected function accessControl() {
		$allow = parse('textarea',config('setting.allow_visit'));
		$deny  = parse('textarea',config('setting.deny_visit'));
		$check = strtolower($this->request->controller() . '/' . $this->request->action());
		if (!empty($deny) && in_array_case($check, $deny)) {
			return false; //非超管禁止访问deny中的方法
		}
		if (!empty($allow) && in_array_case($check, $allow)) {
			return true;
		}
		return null; //需要检测节点权限
	}	
    final public function check_member(){
		if(is_login()){
			$session=session('user_auth');
		    $user=model('User')->get_user_info($session['user_id']);
		}
		$this->assign('userinfo',$user);
		$this->assign('user_nav',F('_user/nav_center'));
		$this->assign('user_nav_index',F('_user/nav_index'));		
		$this->userinfo=$user;
		if(!empty($user['api'])){
			foreach($user['api'] as $key=>$value){
				$syncs[$value['user_channel']]=$value['user_openid'];
			
			}
			
		$this->assign('syncs',$syncs);	
		}
	}
	/**
	 * 获取单个参数的数组形式
	 */
	protected function getArrayParam($param) {
		if (isset($this->param['id'])) {
			return array_unique((array) $this->param[$param]);
		} else {
			return array();
		}
	}
	protected function sign_out(){
		    cookie('user_auth', null);
		    cookie('user_auth_sign', null);
		    session('user_auth', null);
		    session('user_auth_sign', null);
			session('user_auth_temp',null);
	}
}
?>